[libFuzzer] teach the fork mode to ignore OOMs and timeouts
llvm-svn: 353792
GitOrigin-RevId: cdbb9dc9625a8ce14cb0841a4aab613b0ead23d1
diff --git a/FuzzerDriver.cpp b/FuzzerDriver.cpp
index 232b3a8..8ad99d0 100644
--- a/FuzzerDriver.cpp
+++ b/FuzzerDriver.cpp
@@ -533,6 +533,12 @@
Printf("INFO: temp_files: %zd files_added: %zd newft: %zd ft: %zd\n",
TempFiles.size(), FilesToAdd.size(), NewFeatures.size(),
Features.size());
+ // Continue if our crash is one of the ignorred ones.
+ if (Options.IgnoreTimeouts && ExitCode == Options.TimeoutExitCode)
+ continue;
+ if (Options.IgnoreOOMs && ExitCode == Options.OOMExitCode)
+ continue;
+ // And exit if we don't ignore this crash.
if (ExitCode != 0) break;
}
@@ -681,6 +687,8 @@
Options.UnitTimeoutSec = Flags.timeout;
Options.ErrorExitCode = Flags.error_exitcode;
Options.TimeoutExitCode = Flags.timeout_exitcode;
+ Options.IgnoreTimeouts = Flags.ignore_timeouts;
+ Options.IgnoreOOMs = Flags.ignore_ooms;
Options.MaxTotalTimeSec = Flags.max_total_time;
Options.DoCrossOver = Flags.cross_over;
Options.MutateDepth = Flags.mutate_depth;
diff --git a/FuzzerFlags.def b/FuzzerFlags.def
index caf541b..d194a89 100644
--- a/FuzzerFlags.def
+++ b/FuzzerFlags.def
@@ -43,6 +43,8 @@
FUZZER_FLAG_INT(help, 0, "Print help.")
FUZZER_FLAG_INT(fork, 0, "Experimental mode where fuzzing happens "
"in a subprocess")
+FUZZER_FLAG_INT(ignore_timeouts, 1, "Ignore timeouts in fork mode")
+FUZZER_FLAG_INT(ignore_ooms, 1, "Ignore OOMs in fork mode")
FUZZER_FLAG_INT(merge, 0, "If 1, the 2-nd, 3-rd, etc corpora will be "
"merged into the 1-st corpus. Only interesting units will be taken. "
"This flag can be used to minimize a corpus.")
diff --git a/FuzzerMerge.cpp b/FuzzerMerge.cpp
index 4d00f7e..c61169a 100644
--- a/FuzzerMerge.cpp
+++ b/FuzzerMerge.cpp
@@ -299,7 +299,6 @@
Command BaseCmd(Args);
BaseCmd.removeFlag("merge");
BaseCmd.removeFlag("fork");
- bool Success = false;
for (size_t Attempt = 1; Attempt <= NumAttempts; Attempt++) {
Fuzzer::MaybeExitGracefully();
Printf("MERGE-OUTER: attempt %zd\n", Attempt);
@@ -309,14 +308,9 @@
auto ExitCode = ExecuteCommand(Cmd);
if (!ExitCode) {
Printf("MERGE-OUTER: succesfull in %zd attempt(s)\n", Attempt);
- Success = true;
break;
}
}
- if (!Success) {
- Printf("MERGE-OUTER: zero succesfull attempts, exiting\n");
- exit(1);
- }
// Read the control file and do the merge.
Merger M;
std::ifstream IF(CFPath);
diff --git a/FuzzerOptions.h b/FuzzerOptions.h
index 868327d..628603f 100644
--- a/FuzzerOptions.h
+++ b/FuzzerOptions.h
@@ -23,6 +23,8 @@
int OOMExitCode = 71;
int InterruptExitCode = 72;
int ErrorExitCode = 77;
+ bool IgnoreTimeouts = 1;
+ bool IgnoreOOMs = 1;
int MaxTotalTimeSec = 0;
int RssLimitMb = 0;
int MallocLimitMb = 0;
